"US, ROK Agencies Alert: DPRK Cyber Actors Impersonating Targets to Collect Intelligence"
The National Security Agency (NSA) is collaborating with several organizations to draw attention to the Democratic People's Republic of Korea's (DPRK) use of social engineering and malware to target think tanks, academic institutions, and the news media. In order to help in protecting against these DPRK attacks, the NSA and its partners are publishing a Cybersecurity Advisory (CSA) titled "North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academia, and Media." Rob Joyce, director of Cybersecurity at the NSA, stated that DPRK-sponsored cyber actors continue to impersonate trusted sources in order to collect sensitive information, adding that education and awareness are the first line of defense against these social engineering attacks. The FBI, US Department of State, and more have observed sustained information-gathering efforts by a group of DPRK cyber actors known as Kimsuky, THALLIUM, or VELVETCHOLLIMA. This article continues to discuss the alert about the DPRK's use of social engineering and malware to target victims.